bokanrb

3 exploits Active since Jun 2018
CVE-2021-27403 NOMISEC MEDIUM WORKING POC
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 - Cross-Site Scripting via curWebPage Parameter
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS.
13 stars
CVSS 6.1
CVE-2021-27404 NOMISEC MEDIUM WRITEUP
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 - Open Redirect via Host Header Injection
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header.
3 stars
CVSS 6.1
CVE-2018-6961 NOMISEC HIGH WORKING POC
VMware NSX SD-WAN by VeloCloud < 3.1.0 - Remote Code Execution via Local Web UI Command Injection
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware will be removing this service from the product in future releases. Successful exploitation of this issue could result in remote code execution.
1 stars
CVSS 8.1